trials@uspto.gov
`
`571-272-7822
`
`IPR2015-01009, Paper No. 32
`IPR2015-01010, Paper No. 32
`August 15, 2016
`
`
`
`
`RECORD OF ORAL HEARING
`UNITED STATES PATENT AND TRADEMARK OFFICE
`- - - - - -
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`- - - - - -
`APPLE INC.,
`Petitioner,
`vs.
`VIRNETX INC.,
`Patent Owner.
`- - - - - -
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`Technology Center 2400
`Oral Hearing Held: Tuesday, July 19, 2016
`
`
`Before: KARL D. EASTHOM, ROBERT J. WEINSCHENK,
`and BETH Z. SHAW, Administrative Patent Judges.
`
`The above-entitled matter came on for hearing on Tuesday,
`July 19, 2016, at 10:00 a.m., Hearing Room B, taken at the U.S. Patent and
`Trademark Office, 600 Dulany Street, Alexandria, Virginia.
`
`REPORTED BY: RAYMOND G. BRYNTESON, RMR,
`
`CRR, RDR
`
`
`
`571-272-7822
`
`IPR2015-01009, Paper No. 32
`IPR2015-01010, Paper No. 32
`August 15, 2016
`
`
`
`
`RECORD OF ORAL HEARING
`UNITED STATES PATENT AND TRADEMARK OFFICE
`- - - - - -
`BEFORE THE PATENT TRIAL AND APPEAL BOARD
`- - - - - -
`APPLE INC.,
`Petitioner,
`vs.
`VIRNETX INC.,
`Patent Owner.
`- - - - - -
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`Technology Center 2400
`Oral Hearing Held: Tuesday, July 19, 2016
`
`
`Before: KARL D. EASTHOM, ROBERT J. WEINSCHENK,
`and BETH Z. SHAW, Administrative Patent Judges.
`
`The above-entitled matter came on for hearing on Tuesday,
`July 19, 2016, at 10:00 a.m., Hearing Room B, taken at the U.S. Patent and
`Trademark Office, 600 Dulany Street, Alexandria, Virginia.
`
`REPORTED BY: RAYMOND G. BRYNTESON, RMR,
`
`CRR, RDR
`
`
`
`APPEARANCES:
`
`ON BEHALF OF THE PETITIONER:
`
`
`
`
`
`
`
`
`
`DANIEL ZEILBERGER, ESQ.
`JOSEPH E. PALYS, ESQ.
`NAVEEN MODI, ESQ.
`Paul Hastings LLP
`875 Fifteenth Street, N.W.
`Washington, D.C. 20005
`202-551-1700
`
`
`
`
`
`
`
`
`
`
`
`
`2
`
`
`
`
`
`
`
`
`
`
`
`SCOTT M. BORDER, ESQ.
`JEFFREY P. KUSHAN, ESQ.
`THOMAS A. BROUGHAN III, ESQ.
`Sidley Austin LLP
`1501 K Street, N.W.
`Washington, D.C. 20005
`202-736-8000
`
`
`
`
`
`
`
`
`ON BEHALF OF THE PATENT OWNER:
`
`
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`P R O C E E D I N G S
`
`(10:00 a.m.)
`JUDGE WEINSCHENK: This is a hearing for
`IPR2015- 01009 and IPR2015- 01010, Apple Inc. vs. VirnetX
`Inc.
`
`Let's start with appearances. Who do we have for
`Petitioner?
`MR. BORDER: Your Honor, Scott Border for
`Petitioner Apple. With me are Jeff Kushan, lead counsel, and
`Tom Broughan, backup counsel.
`JUDGE WEINSCHENK: Good morning. And who
`do we have for Patent Owner?
`MR. ZEILBERGER: Good morning, Your Honor.
`Daniel Zeilberger here on behalf of Patent Owner, along with
`lead counsel, Joseph Palys, and Naveen Modi.
`JUDGE WEINSCHENK: Good morning. So as you
`know from our order, each side will have 45 minutes to
`present their case. I will start with Petitioner and then follow
`up with Patent Owner.
`Petitioner, you may begin when you are ready.
`Just let us know how much time you would like to reserve for
`rebuttal, if any.
`MR. BORDER: Yes, Your Honor, I would like to
`-- may I approach?
`JUDGE WEINSCHENK: Sure. Thank you.
`
`
`
`3
`
`
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`MR. BORDER: I will use about 25 minutes and
`leave about 20 minutes for rebuttal, Your Honor.
`JUDGE WEINSCHENK: 20 minutes for rebuttal?
`MR. BORDER: Yes, Your Honor.
`Good afternoon, Your Honors, and may it please
`the Board. We are here to discuss two proceedings involving
`the same '643 patent to VirnetX, IPR2015- 01009.
`One primary reference at issue, that's the Windows
`Resource Kit, Exhibit 1005. We have two secondary
`references involved in this proceeding. That's the IE5
`Resource Kit, Exhibit 1006, and the Elgamal patent, which is
`Exhibit 1007.
`We will also be discussing IPR2015- 01010. Those
`involve the references Yeager, which is Exhibit 1008, and the
`IE5 Resource Kit, again, which is Exhibit 1006. There is
`one -- two claims involving RFC 1034. I will discuss those
`proceedings shortly.
`Let's go to slide 3, please. On this slide is the first
`claim of the '643 patent and it is exemplary. It describes a
`method of creating an encrypted communication link between a
`first and second device. The method is comprised of two main
`steps and four sub- steps.
`First, there is enabling at the first device a secure
`communication mode. Second, you establish based on a
`determination that the secure communication mode has been
`
`
`
`4
`
`
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`enabled, the encrypted communication link. And then there
`are four sub-steps that comprise the establishing step. Those
`include constructing a domain name, sending a query using the
`domain name, receiving a network address, and then finally
`initiating the establishment of the encrypted communication
`link using encrypted communication link resources.
`Let's go to slide 5. Now, the '643 patent is
`generally directed to a method and apparatus of creating a
`secure -- excuse me, the '643 patent is generally directed to
`secure communication techniques. It describes several
`examples of enabling a secure communication mode.
`What I have included here is, in Exhibit 1001,
`which is the '643 patent at column 50, lines 9 through 19, and
`it explains that one way to enable a secure communication
`mode is by clicking on a "go secure" hyperlink.
`And it further explains that when doing this the
`user does not need to enter any user identification information,
`any passwords or encryption keys.
`And if we can go to slide 6 there is another
`description on an alternative way of entering a communication
`mode. In this one the user simply enters a command into the
`computer. In either case there is no entering of information
`such as passwords, identification information or -- excuse me,
`or passwords. And I note this is at column 49, lines 26 to 53
`of the '643 patent.
`
`
`
`5
`
`
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`Let's go to slide 7, please. I've listed on this slide
`some of the primary disputes between the parties that I would
`like to briefly touch on today. The first of which is this first
`element of claim 1 which is enabling a secure communication
`code -- excuse me, mode, without a user entering any
`cryptographic information.
`Let's go to slide 8, please. Before I do that I want
`to give a brief overview of the Windows Resource Kit. At the
`top is a figure depicting the process for establishing a
`connection between computer A, which is listed as host A, and
`computer B, which is listed as host B.
`Windows runs an IP Security policy driver that can
`establish an encrypted connection between those two
`computers. And in step 1 it explains that an application which
`can be, for example, a web browser on computer A generates
`packets to send from computer A to B.
`And when it does so, in step 2, it explains that the
`IP Security driver will check to see if IPSec has been enabled
`and, if so, it will negotiate encryption keys between the two
`computers.
`Before this process begins --
`JUDGE WEINSCHENK: When you say it checks
`to see if IPSec has been enabled, you are checking on host A,
`right?
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`
`
`
`6
`
`
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`MR. BORDER: That's correct, Your Honor. And,
`in fact, if you can go to slide 11, what the computer will do is
`check the secure -- one of the three default security policies.
`And so in the instance where computer A is either high or
`moderate it will check to see whether IPSec has been enabled.
`In the high instance, not only will it check to see
`whether it has been enabled on computer A, but it will also
`require that computer B have IPSec enabled.
`JUDGE WEINSCHENK: I have a question about
`that actually. Does it require that IPSec be enabled on host B
`or does it just reject communications that aren't secure?
`That's two different things.
`MR. BORDER: That is two different things, Your
`Honor. It does not check at the time, that is, in performing --
`when it is performing this communication mode it does not
`check whether host B has enabled it.
`But if host B is not enabled, when it attempts to
`establish the communications, you are correct, Your Honor, it
`will be rejected.
`JUDGE WEINSCHENK: So there just won't be any
`communication --
`MR. BORDER: That's correct, Your Honor.
`JUDGE WEINSCHENK: -- with host B?
`MR. BORDER: That's correct.
`JUDGE WEINSCHENK: Okay.
`
`
`
`7
`
`
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`MR. BORDER: Let's go back to slide 8, please.
`Now, before this process begins in the Windows Resource Kit,
`the Windows reference explains that a name resolution
`mechanism -- excuse me, at the bottom of this passage, and
`this is Exhibit 1005 at page 964 -- it explains that applications
`running on windows machines frequently require users to enter
`host names to identify their destination computers.
`And Windows uses a host name resolution
`mechanism to perform a -- excuse me, and Windows uses a
`host -- a name resolution mechanism such as DNS to resolve
`those names into IP addresses.
`Let's go briefly back to slide 7. And, again, so the
`first claim element we are going to discuss is the enabling
`step.
`
`Let's go to slide 9. We are going to focus on this
`first element. And there are two parts to this claim limitation
`that we are going to focus on. First, whether a secure
`communication mode has been enabled and, second, whether
`that has been done without a user entering any cryptographic
`information.
`Let's go to slide 10. What Windows Resource Kit
`explains is that a user or an administrator can select a default
`policy to implement security. And it is through a drop- down
`menu. It is a little bit blurry, and this is Exhibit 1005 at 1025,
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`
`
`
`8
`
`
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`but in the box you can select, for example, one of three
`security options.
`If you go to slide 11, these are the three default
`security options. They range from low, moderate to high. We
`explained in selecting either the moderate or high security
`mode that it satisfies the enabling a secure communication
`mode described in the '643 patent.
`Go to slide 12, please. Now, the claim specified
`enabling the secure communication mode without a user
`entering any cryptographic information.
`Now, the specification describes one example of
`how that is done and it explains that a user does not need to
`enter any user ID information, passwords or encryption keys.
`And, again, this is at column 50, lines 9 through 19.
`If we go back to slide 10, please, and that's exactly
`how the Windows Resource Kit acts. Once configured the user
`need not enter any passwords, encryption keys or other sort of
`identifying information. They simply enter a URL into an
`address and a secure communication mode is enabled.
`Let's go to slide 13, please. And Dr. Tamassia
`explained, Petitioner's expert, that selecting a policy from a
`drop- down box, in doing so the user does not enter any
`cryptographic information. He explained that cryptographic
`information are such things as cryptographic keys, digital
`signatures, hashes, or specific encryption algorithms.
`
`
`
`9
`
`
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`So as we explained, Windows Resource Kit shows
`enabling a secure communication mode and it also shows that
`that secure communication mode is enabled without a user
`entering any cryptographic information.
`Let's go to slide 7, please. I want to touch briefly
`on sending a query using the domain name. And if we can go
`back to slide 8.
`Again, this was the passage that we include at the
`bottom of this overview slide where it explains that Windows
`machines operating on these TCP/IP networks use a name
`resolution mechanism, and it identifies one such mechanism as
`DNS.
`
`JUDGE WEINSCHENK: Where is the DNS in that
`figure? Is it shown or do we not know where it is?
`MR. BORDER: It is not known in the figure, Your
`Honor. But this mechanism would occur prior to the
`generating the outbound packs to host B.
`What the Windows Resource explains is that you
`need an IP address to do that. And the way that is done is
`through this host name mechanism described earlier in the
`Windows Resource Kit at page 964.
`JUDGE WEINSCHENK: Does it describe where
`the host name comes from, like how do you get the host name
`for host B?
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`
`
`
`10
`
`
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`MR. BORDER: It does not -- Your Honor, I'm not
`aware that it describes where the host name comes from, but
`what it explains is that typically users would know computer
`names rather than IP addresses. Such as you might know
`Google but you might not know the actual IP address for
`Google.
`
`And this is the information that is input into the
`connection request. And that creates this name resolution
`mechanism where it converts the name to an IP address.
`Let's go to slide 7. I'm going to talk about these
`last two points together, and that is establishing based on a
`determination that the secure communication mode has been
`enabled, and then also initiating establishment of the
`encrypted communication link with resources received from
`the server that is separate from the first device.
`They sort of go hand- in- hand. I want to talk about
`them at the same time. If you can go to slide 23, please.
`What Windows --
`JUDGE WEINSCHENK: Please talk about the
`claim first and what it requires before we get into what
`Windows Resource Kit shows.
`MR. BORDER: Sure, Your Honor.
`JUDGE WEINSCHENK: I think there is some
`dispute here about whether the server has to be separate from
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`
`
`
`11
`
`
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`just the first device or separate from the first and second
`device.
`
`MR. BORDER: That's right, Your Honor. There is
`a dispute about that. And as you know from the claims, they
`only require that the server is separate from the first device.
`They do not require that the server be separate from the
`second device.
`And I note that there are many descriptions in the
`'643 patent where various components of the system are
`combined into single devices. They are split among multiple
`devices. So we think this is consistent with the specification
`that, for example, you could have a server and second device
`reside on the same program.
`JUDGE WEINSCHENK: Do we have an example
`from the spec where the server is combined with the second
`device, because I don't recall you pointing me to an example
`of that?
`
`MR. BORDER: That's correct, Your Honor. Do
`you want to go to slide 26? There are numerous descriptions
`in the '643 patent of combining devices, but, you are correct,
`there is no description of the second device residing on the
`same computer as the server.
`It does explain that servers can be both programs
`and devices. And so based on the claim language itself we
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`
`
`
`12
`
`
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`don't see any issue with the server computer or program
`residing on the same device as the second device.
`JUDGE WEINSCHENK: So are you really relying
`just on the claim language to support your argument mostly?
`MR. BORDER: Mostly, Your Honor, but also in
`the description of the '643 patent. Can you go to slide 27?
`Again, there are multiple descriptions in the '643 patent, such
`as here at column 40, lines 30 to 32, and also column 40, lines
`38 to 42, where it talks about implementing functions either in
`single devices or across multiple devices.
`We think that our reading of the claims, which can
`have the secure server operate on the same device, the second
`device, is perfectly consistent with the specification as
`supported by the claim language itself.
`Can you go back to the claim language again?
`Again, Your Honor, this is slide 25. Again, it only says that
`the server needs to be separate from the first device. It does
`not require that the server be separate from the second device.
`Let's go to slide 23, please. Again, we wanted --
`what we showed was that the secure communication link is
`established based on this IPSec driver that resides on host A
`and it checks the security policy and, for example, if the
`security policy is high, it will determine that IPSec must be
`used for the communication.
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`
`
`
`13
`
`
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`This is a determination that a secure
`communication mode has been enabled. And this is in the
`Windows Resource Kit at page 1021.
`Go to slide 24, please. And in further describing
`this process, excuse me, the Windows Resource Kit explains
`that if they do, if the computers do agree to use this IPSec
`protocol, they exchange public keys, they exchange public
`keys and establish a shared secret key, apart from
`authenticating the two computers, this is the computer B
`sending an encryption key back to host A, as we explain in our
`petition and in our reply.
`This key is the encrypted communication link
`resource of the claims. It is received from computer B. It is
`sent from computer B to host A. If we go back to the claim
`language really quick, slide 25, again, all that is required by
`this claim is that this encrypted communication link resource,
`which is this key that is sent from host B to computer A, is
`received from a server, computer B, that is separate from the
`first device, computer A.
`JUDGE WEINSCHENK: And the at least one
`network address is the thing you received from the DNS
`server?
`
`MR. BORDER: That's correct, Your Honor.
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`
`
`
`14
`
`
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`JUDGE WEINSCHENK: Can we, in the interest of
`time, jump to claims 7 and 22, which I believe recite the
`secure domain name service?
`MR. BORDER: Yes, Your Honor. That's exactly
`where I was going next. Let's go to slide 32, please. The
`parties proposed different constructions for the secure domain
`name service. Petitioner's construction is consistent with the
`specification, which explains that an SDNS is simply a
`cross-reference database of secure domain names and
`corresponding network addresses. Patent Owner's construction
`brings in additional elements that are not present in the
`specification.
`If we go to slide 33, after we filed our petition, the
`Board in a related proceeding construed the term SDNS. We
`believe it is consistent with our construction and, as we show
`in our reply, there are no consequences to the differences. The
`differences primarily being this last phrase: "for which a
`conventional domain name service cannot resolve addresses."
`JUDGE WEINSCHENK: Do you have any
`objection to that construction?
`MR. BORDER: No, Your Honor.
`JUDGE WEINSCHENK: And you would agree
`
`with it?
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`
`
`
`15
`
`
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`MR. BORDER: We would agree with it, Your
`Honor. And as we showed in our reply, I believe, at pages 10
`and 11, we meet this construction as well.
`Can you go to slide 31?
`JUDGE WEINSCHENK: Before we go into the
`teachings of the Windows Resource Kit, I want to go back.
`Can you go back to the previous slide that had the parties'
`proposed constructions?
`Patent Owner adds something else in there and I
`think it is just a definition of what a secure computer network
`address is?
`MR. BORDER: Yes, Your Honor.
`JUDGE WEINSCHENK: They say it is a network
`address that requires authorization for access.
`MR. BORDER: Uh-huh.
`JUDGE WEINSCHENK: Do you have any problem
`with that? I believe you guys agreed to that construction in a
`different proceeding as well.
`MR. BORDER: Your Honor, I'm not certain that
`we did agree to that construction, but I'm going off memory
`here. We did show that the secure network addresses in the
`Windows reference do require authorization for access.
`We don't think there is any description in the
`specification to support that requirement. In fact, under the --
`let's see.
`
`
`
`16
`
`
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`JUDGE WEINSCHENK: I guess what I'm just
`getting at here is you guys have secure network address in
`your construction.
`MR. BORDER: That's correct.
`JUDGE WEINSCHENK: And Patent Owner has
`further defined that term. And what I'm trying to get at is, do
`the parties have a common understanding as to what that term
`means or is there a dispute about that?
`MR. BORDER: Yes, Your Honor, I think there is a
`dispute about that. I think what we have shown and what the
`Board has previously determined -- if you can go to the
`Board's previous finding, of secure network address -- is
`that -- sorry, of secure domain name, is that it is simply a
`name that corresponds to a computer network address.
`And I think that is supported in the specification in
`part by the description of the secure domain name service,
`again, which is just a database of corresponding domain names
`and network address.
`We don't think that the secure domain name
`requires, or a secure network address requires to show
`authorization, but we did show both in the Windows Resource
`Kit and Yeager that the relevant computers, for example, host
`B, does require authorization.
`JUDGE EASTHOM: Don't you also allege that
`they return a secure computer network address?
`
`
`
`17
`
`
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`MR. BORDER: That's correct, Your Honor. And
`can we go to slide 31?
`JUDGE EASTHOM: Because we're trying to figure
`out, I think, all the Judge was trying to figure out why these
`arguments are material to anything if the references disclose
`what they propose is their construction?
`MR. BORDER: I'm sorry, Your Honor, I'm not
`sure I follow your question.
`JUDGE EASTHOM: I guess we're trying to figure
`out why we need to resolve a claim construction dispute if
`you, you know, are asserting that even under their construction
`the references disclose or render those obvious?
`MR. BORDER: That's correct, Your Honor. There
`have been a number of Board decisions that said that there is
`no need to construe a term if there is no dispute as to -- if
`there is no dispute as to whether the reference discloses those
`elements.
`
`And, as we showed, our computers correspond to
`secure network address both under our construction and under
`the Board's construction, previous construction, and under
`Petitioner's construction. They do require authorization for
`access.
`
`Can you go back to the -- yes. They do -- they are
`network addresses that require authorization for access. And
`they also, with respect to the secure domain name service, we
`
`
`
`18
`
`
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`showed in our reply, page 14 in our 1009 reply, that this
`recognition that a message is requesting a secure computer
`network address is simply, as explained in the patent, just a
`lookup or a cross- referencing of a database of secure domain
`names and corresponding network addresses.
`So under either construction, we showed how the
`Windows Resource Kit and later Yeager discloses these terms.
`So you are correct, Your Honor, there is no need to construe
`this term.
`
`Let's go to Yeager.
`JUDGE WEINSCHENK: Can we look at Windows
`Resource Kit? I think you were going to show me that slide
`before and I turned you away from that.
`MR. BORDER: Yes, Your Honor.
`JUDGE WEINSCHENK: Let's talk about that now.
`MR. BORDER: That's slide 31.
`JUDGE WEINSCHENK: And my question for you
`is, can you explain to me in this figure and the description you
`have where the secure domain name server is and how we
`know it is a secure domain name service?
`MR. BORDER: Yes, Your Honor. The secure
`domain name server in this figure is the IS -- I'm sorry, is the
`name server on the intranet, intranet with an "a."
`This computer shows that in this private network
`you can have your own name resolution service. And this
`
`
`
`19
`
`
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`name resolution service will exist behind the Internet. It can
`only resolve -- it can only perform host name resolution on
`names corresponding to addresses on that private network.
`The computer on the public network --
`JUDGE SHAW: Does the reference say that, or
`could you point us to where the reference says that it can only
`resolve names on the private network?
`MR. BORDER: I think what we said was client --
`up there at the top, Your Honor, it is highlighted a little bit in
`yellow -- client 1 resolves intranet names by using a name
`server on the intranet, NoamDC1, and alternatively resolves
`Internet names by using a name server on the Internet, the
`public Internet, using the ISPNameServer.
`So that presents the dichotomy that is in the
`Windows Resource Kit between the two different name
`servers, one which cannot resolve names on the public network
`and one which cannot resolve names on the private network.
`JUDGE WEINSCHENK: So I have two questions
`for you. The first one is it looks to me like on the intranet and
`the Internet in that figure they are both resolving the same
`exact domain name.
`So that looks to me like the domain name can be
`resolved both by the intranet service and the Internet service.
`Am I wrong in that?
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`
`
`
`20
`
`
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`MR. BORDER: I think what the reference
`explains, and this is the passage at the bottom, is that you can
`have a machine that is connected to two different networks.
`And so in this case it is the same machine, and it
`can be connected, for example, to an internal private network.
`It also can be connected to a public network.
`And so you could configure it to resolve based on
`essentially where the request is coming from. In one case if it
`is a request generated from the intranet, you would get --
`resolve this internal IP address, the 172.18.8.7. Alternatively,
`if it was a request from the public Internet you might get this
`other address.
`JUDGE WEINSCHENK: I guess the problem I'm
`having is, though, if we go with Patent Owner's construction it
`requires that there be a -- that it resolve a name that cannot be
`resolved by a conventional service.
`And to me it looks like the name being resolved by
`the intranet can also be resolved by the Internet.
`MR. BORDER: Oh, I see what you're saying, Your
`Honor. Actually what it explains is that there would be two
`different domain names.
`For example, at the bottom it says -- and this,
`again, is the Windows Resource Kit, Exhibit 1005, at 989 to
`90 -- if you do have this computer connected to two different
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`
`
`
`21
`
`
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`networks, you want it to have a different domain name on each
`network.
`
`So it is not the same domain name that is getting
`resolved. It is two different domain names, one corresponding
`to the private network, one corresponding to the public
`network. So it isn't a single domain name that is resolved. It
`is two different domain names.
`JUDGE WEINSCHENK: Okay. And then we know
`somehow that the one on the intranet cannot be resolved by the
`one on the Internet?
`MR. BORDER: Yes, Your Honor. And I believe
`that is described in our petition at page 39 in our reply at 12 to
`13. What our expert did is he looked at this figure and, based
`on his understanding, determined that this private network
`resolution service could only resolve those -- sorry, could only
`resolve the private addresses.
`And so -- but it could not resolve the request for
`the -- I'm sorry. The name registered on this intranet -- the
`intranet with an "a" -- it would not be registered with the
`public DNS, as it explains down at the bottom. So in that case
`it could not be resolved by that conventional DNS because it
`would not be registered with it.
`JUDGE WEINSCHENK: Just so you know, you are
`cutting into your rebuttal time right now.
`MR. BORDER: Okay, Your Honor.
`
`
`
`22
`
`
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`JUDGE WEINSCHENK: You can take some time
`off your rebuttal or if you would like to reserve at all.
`MR. BORDER: I will take some time off my
`rebuttal, Your Honor. I want to go quickly into Yeager.
`Let's go to slide 39. These are the main disputes
`between the parties with respect to Yeager. Let me touch on
`this first one real quick.
`Let's go to slide 40, actually. A brief overview of
`Yeager describes a person using a web browser to connect to a
`web server using HTTP protocol. It explains that some
`browsers can use SSL, which allows creation of an encrypted
`channel with the server. When it is combined with SSL it uses
`the HTTPS protocol. Then it describes an example where a
`user engages in purchase transactions.
`Let's go to slide 41.
`JUDGE WEINSCHENK: So I think there is some
`confusion here, or at least some arguments about when is the
`secure communication mode actually enabled? For example, is
`it enabled after you type in the entire address, including
`HTTPS and then hit enter? When is it enabled?
`MR. BORDER: Your Honor -- can we go to slide
`48 -- what we explain is that if the browser supports HTTPS,
`then it will not be auto- corrected by the browser. And that is
`consistent with -- can you please pull up the auto- correction
`slide?
`
`
`
`23
`
`
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`
`So what we explained is that if a user enters HTTP,
`and the browser determines that it supports HTTP, it will just
`simply initiate a communication link. If the user enters
`HTTPS, and the browser recognizes that it does not support
`HTTPS, it will not permit the connection and it will
`auto- correct it to HTTP.
`So in allowing the user to enter HTTPS, that is a
`determination that that browser supports SSL. Does that
`answer your question, Your Honor?
`JUDGE WEINSCHENK: So you are telling me that
`the secure communication mode is enabled by the fact that it
`doesn't auto- correct the address as you enter it?
`MR. BORDER: It is enabled, Your Honor, it is
`enabled by the fact that the user has specified HTTPS, and the
`browser's determination not to fix that, the user has enabled
`that secure communication mode by entering the HTTPS
`protocol.
`
`Let's go back to slide 42. This is -- well, let's go
`to slide 8, please. It is enabled when the user -- I'm sorry. It
`is enabled when the user types in the HTTPS into the browser.
`This is similar to a user entering a command into computer
`3301 to go secure. This is a description in the '643 patent.
`JUDGE WEINSCHENK: So I guess my question,
`the thing I'm having trouble with is I don't know how the
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`
`
`
`24
`
`
`
`1
`2
`3
`4
`5
`6
`7
`8
`9
`10
`11
`12
`13
`14
`15
`16
`17
`18
`19
`20
`21
`22
`23
`24
`25
`
`Case IPR2015-01009 and IPR2015-01010
`Patent 8,843,643 B2
`
`computer knows that something is HTTPS until you entered it
`or clicked on it or something like that.
`Just typing those words, how does the computer
`know that you have entered a secure communication mode?
`MR. BORDER: Well, if you enter HTTPS it will
`check to see whether it has an SSL module within the Explorer
`program.
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
